• Enable Squidguard only in one Computer

    3
    0 Votes
    3 Posts
    572 Views
    J
    @periko I do this: Add ACL to the squidguard.conf (Diagnostics / Edit File / /usr/local/etc/squidGuard/squidGuard.conf) src admins { ip 192.168.2.0-192.168.2.255 ip 172.16.12.0/255.255.255.0 ip 10.5.3.1/28 } From squid GUI I definied this IP ranges in Unrestricted IPs. This work for me. Thanks !!!
  • SquidGuard 1.16.18_20 Not Filtering (cont.)

    1
    0 Votes
    1 Posts
    369 Views
    No one has replied
  • Squidguard 1.16.18_20 squid 0.4.45_5 pfsense 2.5.2

    1
    0 Votes
    1 Posts
    446 Views
    No one has replied
  • SquidGuard 1.16.18_20 Not Filtering

    5
    0 Votes
    5 Posts
    846 Views
    D
    @kom I've configured squid as transparent/ssl proxy server with one bypass for windows updates. SSL/MITM mode: Splice Whitelist, Bump Otherwise. (see attacment) [image: 1629117956946-squid-config_210816-resized.jpg] It was working ok when first installed, then for no apparent reason that I can trace, it just stopped filtering, Should I proceed to clear squid proxy server cache? Do you require any other config/specifics to help diagnose?
  • Squid Reverse Proxy - SSTP VPN Quit working after update

    1
    0 Votes
    1 Posts
    410 Views
    No one has replied
  • consider configure haproxy to preffer hardware cryptos?

    6
    0 Votes
    6 Posts
    845 Views
    johnpozJ
    Well you could give it a shot, and see if you have any issues reported by clients.. Yeah I went through the whole security thing awhile back, there is a thread around here about it somewhere - wanted to get A+, and discovered that if you only allow for tls 1.3, that ssllabs will only give you a A vs A+ ;) edit: here is that thread https://forum.netgate.com/topic/162125/get-a-on-ssl-labs-test
  • SquidGuard 1.16.18_19 update is borked

    15
    2 Votes
    15 Posts
    2k Views
    D
    @viktor_g Thank you for the promp reply, Presently I'm just running Squid - Proxy Service. Unfortuneately, I've removed Squidguard temporarily to avoid issues with Net Users. I normally do diagnostics/net management on Fridays, so I will reinstall/try again and send log at that time, or sooner if possible.
  • Client Authentication on path with HAProxy

    Moved
    4
    0 Votes
    4 Posts
    807 Views
    stephenw10S
    I don't believe you can do that since the front end needs to bind with 'verify required' for everything. See the discussion linked from that article: https://discourse.haproxy.org/t/how-to-set-ssl-verify-client-for-specific-domain-name/1489/3 It may not be something you can do using only the gui options in the pfSense package. You might have to use the custom pass though fields. It's not something I've ever seen done. But if you;re using different front ends I would expect to use the 'SSL Client issued by CA common name:' option. Steve
  • SSL Splicing uses IP address instead of SNI

    1
    0 Votes
    1 Posts
    306 Views
    No one has replied
  • Problem with NTLM + pf2ad

    Moved
    2
    0 Votes
    2 Posts
    527 Views
    K
    @lucas-borges remeber that is left alone and click save then you go squidguard and configure to your LDAP config [image: 1627954064491-f74b6bae-57a9-4fab-a1c7-bf85d2dbcc50-image.png]
  • HAproxy www with multiple sites?

    2
    0 Votes
    2 Posts
    340 Views
    K
    edit: fixed it had to add another access control list with www pointing to the acl hope this helps someone else
  • LAN Client to resolve locally?

    9
    0 Votes
    9 Posts
    1k Views
    johnpozJ
    Your phone prob not using your local dns would be my guess.. Make sure you phone is using your dns - and it is no different than any other client on your lan. Prob has doh turned on in whatever browser your using, etc.
  • Blocking devices on my network from accessing web resources

    9
    0 Votes
    9 Posts
    1k Views
    R
    @kom Great ideas, will give it a try and report back. Thanks for your help.
  • lightsquid configuration menu missing

    2
    0 Votes
    2 Posts
    315 Views
    J
    Sorry!! I've just figured out that it was necessary to install squid package before lightsquid !! problem solved !!
  • Proxy transparente em dispositivo móvel

    1
    0 Votes
    1 Posts
    352 Views
    No one has replied
  • proxy+pfsense+mikrotik

    1
    0 Votes
    1 Posts
    364 Views
    No one has replied
  • HA Proxy with SSL client authentication

    1
    0 Votes
    1 Posts
    340 Views
    No one has replied
  • Problem with dante socks server doing DNS lookups

    2
    0 Votes
    2 Posts
    2k Views
    Bob.DigB
    @sparkman123 said in Problem with dante socks server doing DNS lookups: For me it is not working with any ovpn client in the first place.
  • The following input errors were detected: (DF3) ACL 'default' error:

    2
    0 Votes
    2 Posts
    656 Views
    C
    @ksoares Were you able to solve this problem? I am going through the same after updating PFSENSE to version 2.5.2
  • HAProxy for home use?

    4
    0 Votes
    4 Posts
    962 Views
    A
    If the normal home use includes anything with a large number of connections which are overwhelming your router than maybe it could be used. You can always set it up for fun/learning and see how it works, you could try setting up a public minecraft server to test it.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.